Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/1_Z61-UScqVJtncoN24DAo8T3w8.roa
File: 1_Z61-UScqVJtncoN24DAo8T3w8.roa (raw, json)
Hash identifier: LkFsixxYbahC+4+RMbxexP3t9avdYvR1roPB/Vma6XY=
Subject key identifier: D7:F6:7A:D7:E5:12:72:A5:49:B6:77:28:37:6E:03:02:8F:13:DF:0F
Certificate issuer: /CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Certificate serial: 01856CCB0D7DFB846DB6BFD546F886EC4C36
Authority key identifier: E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/1_Z61-UScqVJtncoN24DAo8T3w8.roa
Signing time: Sun 01 Jan 2023 10:05:24 +0000
ROA not before: Sun 01 Jan 2023 10:05:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201396
IP address blocks: 185.75.148.0/24 maxlen: 24
188.74.44.0/22 maxlen: 22
2a03:4b21::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 19 Oct 2023 13:10:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:cb:0d:7d:fb:84:6d:b6:bf:d5:46:f8:86:ec:4c:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e39f1a6e84c0277efcb56d942b0eb5e456471129
Validity
Not Before: Jan 1 10:05:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d7f67ad7e51272a549b67728376e03028f13df0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:17:5f:be:6f:c2:fe:bb:68:bf:5a:5d:b8:ea:
dc:31:30:52:8b:73:91:a0:1c:d9:cc:b1:c6:33:31:
8d:2d:a0:b1:07:90:6d:4a:cf:5e:70:9d:c8:49:40:
4e:d1:1d:d7:28:4c:87:4b:a3:41:03:c2:54:0a:d5:
6d:c9:c2:4e:9a:2a:d6:f9:80:10:d6:f6:24:25:11:
6c:f8:91:8e:e0:2d:02:75:51:a3:b5:d5:5c:30:87:
f4:b0:39:55:e7:78:64:67:ae:c3:89:9a:2e:30:df:
8a:8d:d6:40:24:92:c0:05:10:51:f9:6c:c3:4e:12:
3c:18:6d:2e:96:ff:ef:d2:93:b2:da:63:0b:1c:eb:
f8:ec:fa:30:f2:44:7b:1d:73:6e:f0:0b:e0:27:7e:
14:30:84:ef:cf:16:9a:fc:e3:db:50:16:94:ab:55:
58:78:75:4e:4c:9f:c0:af:fd:1d:9f:cb:73:5e:04:
e7:ec:bd:f7:83:4a:ea:c2:bf:5f:46:b5:ea:e2:58:
a2:62:7a:e6:57:b8:65:0a:f8:9e:32:46:ca:5f:3e:
e7:3d:3f:7a:80:1d:75:44:66:ab:b2:9b:33:6f:f5:
c9:48:fc:87:2e:0f:5a:1a:1e:88:66:3b:8f:68:66:
0f:ca:90:36:b2:80:dd:f3:d5:b3:12:0c:fb:1a:02:
47:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F6:7A:D7:E5:12:72:A5:49:B6:77:28:37:6E:03:02:8F:13:DF:0F
X509v3 Authority Key Identifier:
keyid:E3:9F:1A:6E:84:C0:27:7E:FC:B5:6D:94:2B:0E:B5:E4:56:47:11:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/458aboTAJ378tW2UKw615FZHESk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/1_Z61-UScqVJtncoN24DAo8T3w8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/160a77-756d-441a-86c3-0e5392757f82/1/458aboTAJ378tW2UKw615FZHESk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.148.0/24
188.74.44.0/22
IPv6:
2a03:4b21::/32
Signature Algorithm: sha256WithRSAEncryption
29:30:a1:fe:57:87:2f:73:9a:37:c1:fb:fb:6f:a0:fe:67:5e:
e4:f2:f8:ec:5b:d8:65:70:1b:fe:3f:48:bc:bd:dc:52:bc:9f:
01:f7:f4:12:b3:66:32:36:10:08:c6:cb:54:3c:98:57:1f:96:
52:76:4f:a1:9f:01:58:d0:38:22:88:7e:b9:b2:70:51:1b:c1:
7c:20:3a:6c:93:86:a9:ee:81:2c:7e:85:8c:93:ac:a5:0f:08:
7b:98:fc:64:6a:b8:d5:9c:47:af:e6:03:e8:5e:e2:63:b0:c5:
35:25:53:63:34:f2:d5:df:66:b7:c2:b6:82:d6:31:4b:d0:bc:
54:d7:08:c6:98:99:a5:de:7e:f6:10:4e:4c:bc:d4:e3:66:37:
16:2b:b9:d2:3f:8d:5b:51:22:d1:ce:91:bd:38:7f:94:51:a3:
5b:5c:8e:85:aa:32:69:64:70:29:51:ba:4a:52:72:1f:77:91:
03:a3:6b:aa:6e:80:fc:c3:97:56:70:9e:e1:0b:00:ac:ea:57:
a6:07:ed:4d:70:77:38:53:8b:0f:ee:1b:df:24:21:0b:fc:0c:
32:60:42:60:5e:76:38:23:0e:1f:21:9e:3c:98:e2:7f:c6:fd:
1f:d9:48:07:41:3a:81:04:26:61:65:ec:7a:74:b6:bb:fa:58:
47:18:50:10
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVsyw19+4Rttr/VRviG7Ew2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzOWYxYTZlODRjMDI3N2VmY2I1NmQ5NDJiMGViNWU0NTY0
NzExMjkwHhcNMjMwMTAxMTAwNTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2Y2N2FkN2U1MTI3MmE1NDliNjc3MjgzNzZlMDMwMjhmMTNkZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxdfvm/C/rtov1pduOrcMTBSi3OR
oBzZzLHGMzGNLaCxB5BtSs9ecJ3ISUBO0R3XKEyHS6NBA8JUCtVtycJOmirW+YAQ
1vYkJRFs+JGO4C0CdVGjtdVcMIf0sDlV53hkZ67DiZouMN+KjdZAJJLABRBR+WzD
ThI8GG0ulv/v0pOy2mMLHOv47Pow8kR7HXNu8AvgJ34UMITvzxaa/OPbUBaUq1VY
eHVOTJ/Ar/0dn8tzXgTn7L33g0rqwr9fRrXq4liiYnrmV7hlCvieMkbKXz7nPT96
gB11RGarspszb/XJSPyHLg9aGh6IZjuPaGYPypA2soDd89WzEgz7GgJHcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNf2etflEnKlSbZ3KDduAwKPE98PMB8GA1UdIwQY
MBaAFOOfGm6EwCd+/LVtlCsOteRWRxEpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMt
MGU1MzkyNzU3ZjgyLzEvMV9aNjEtVVNjcVZKdG5jb04yNERBbzhUM3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xNjBhNzctNzU2ZC00NDFhLTg2YzMtMGU1MzkyNzU3Zjgy
LzEvNDU4YWJvVEFKMzc4dFcyVUt3NjE1RlpIRVNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuUuUAwQC
vEosMA0EAgACMAcDBQAqA0shMA0GCSqGSIb3DQEBCwUAA4IBAQApMKH+V4cvc5o3
wfv7b6D+Z17k8vjsW9hlcBv+P0i8vdxSvJ8B9/QSs2YyNhAIxstUPJhXH5ZSdk+h
nwFY0DgiiH65snBRG8F8IDpsk4ap7oEsfoWMk6ylDwh7mPxkarjVnEev5gPoXuJj
sMU1JVNjNPLV32a3wraC1jFL0LxU1wjGmJml3n72EE5MvNTjZjcWK7nSP41bUSLR
zpG9OH+UUaNbXI6FqjJpZHApUbpKUnIfd5EDo2uqboD8w5dWcJ7hCwCs6lemB+1N
cHc4U4sP7hvfJCEL/AwyYEJgXnY4Iw4fIZ48mOJ/xv0f2UgHQTqBBCZhZex6dLa7
+lhHGFAQ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:27 2024 by rpki-client on console-ams.rpki-client.org